Russian hackers have been trying to breach Microsoft’s systems recently, using stolen data they got in an earlier hack, the company said on Friday.
The hackers, identified by Microsoft as a Russian state-sponsored group called Midnight Blizzard, have been trying to use information taken from our corporate email systems to gain unauthorized access to the company’s systems.
In January, Microsoft disclosed that Midnight Blizzard had launched a nation-state attack on its corporate systems.
During the attack, the hackers managed to access a small number of corporate email accounts, including some belonging to Microsoft’s senior leadership team, the company had announced at the time.
Microsoft stated in a blog post on Friday that Midnight Blizzard is trying to use various types of secrets it has found.
This includes secrets shared between customers and Microsoft through email. The company is alerting customers and helping them take protective measures as it uncovers this information in its exfiltrated email.
According to Microsoft, in February, the Russian hacking group ramped up certain types of attacks, such as password sprays, by as much as 10 times. Password sprays involve hackers repeatedly using the same password on various accounts to gain access.
“Midnight Blizzard’s ongoing attack is characterized by a sustained, significant commitment of the threat actor’s resources, coordination, and focus,” Microsoft said. “It may be using the information it has obtained to accumulate a picture of areas to attack and enhance its ability to do so.”
“This reflects what has become more broadly an unprecedented global threat landscape, especially in terms of sophisticated nation-state attacks,” it added.
